How to set up Windows Firewall to limit network access

By enabling Windows Firewall with the proper settings, you can help shut out attackers and limit lateral movement if a breach occurs.

CSO > Security mechanisms vs. fiery threats
Matejmo / Getty Images

To properly protect your network, you need to know who and what has access to your network, and where all sensitive information is located. To better control access, start by limiting the devices that are on the same subnet to only those required for key business needs.

The Center for Internet Security advises, “Segment the network based on the label or classification level of the information stored on the servers. Locate all sensitive information on separated VLANS with firewall filtering to ensure that only authorized individuals are only able to communicate with systems necessary to fulfill their specific responsibilities.”

Rapid7 suggests you classify the data in your network based on its sensitivity. You can set several levels based on your firm’s needs.  

  • Level 1: Data for public consumption. Data that may be freely disclosed.
  • Level 2: Internal data not for public disclosure.
  • Level 3: Sensitive internal data that if disclosed, could affect the company.
  • Level 4: Highly sensitive corporate, employee and customer data.

Given that Level 1 is purposely set for public access, you’ll want to to ensure that the public data isn’t stored on the same servers as the highly sensitive data.

To continue reading this article register now

What is security's role in digital transformation?